BackTrack 5 Revolution Manual with the GNOME Graphical Environment for WEP Keys
Backtrack Manual Part2
Project Report on BackTrack
Project by: Nutan Kumar Panda
Technology Evangelist, ISEH
R&D - ATL Guwahati
Backtrack: BackTrack is one of the more popular distributions in white hat circles. It is specially suited for penetration testing, with more than 300 tools available for the task. Like both Helix and Protech, BackTrack is based on Ubuntu. This means good stability and hardware detection and a whole lot of software that can be easily obtained.
BackTrack is a Linux distribution distributed as a Live CD which resulted from the merger of WHAX (previously Whoppix) and the Auditor Security Collection, both of which were used for penetration testing.
The BackTrack project was created by Mati Aharoni and Max Moser and is a collaborative effort involving the community.
1) BackTrack 2 released March 6, 2007 (includes over 300 security tools)
2) Beta version of BackTrack 3 released December 14, 2007 (focus was to support more and newer hardware as well as provide more flexibility and modularity)
3) BackTrack 3 final released June 19, 2008 (new additions include SAINT and Maltego)
4) BackTrack 4 beta released February 11, 2009 (move to a Debian/Ubuntu base)
5) BackTrack 4 pre-release released June 19, 2009
6) BackTrack 4 final released January 11, 2010
7) BackTrack 4 R1 released May 8, 2010
8) BackTrack 4 R2 released November 22, 2010
BACKTRACK 4
Company/Developer: Mati Aharoni, Emanuele Gentili, and others
OS family: Unix-like
Working state: Current
Source model: Open source
Latest stable release: 4.0 R2 / November 22nd, 2010
Kernel type: Monolithic
Default user interface: Bash, KDE, Fluxbox
License: Various
Official website: www.backtrack-linux.org
Behind the curtains
BackTrack Base
There have been many changes introduced into BackTrack 4, most notably our move to an Ubuntu Intrepid base. We now maintain our own full repositories with modified Ubuntu packages in addition to our own penetration testing tools. Another significant change is the updated kernel version, currently at 2.6.29.4. This new kernel brought an onset of internal changes, which have greatly changed the structure of BackTrack.
BackTrack Kernel
We no longer use lzma-enabled squashfs as our live filesystem, which on one hand results in a larger ISO size, but on the other hand frees us from having to maintain our own kernel patches. This is especially painful these days, as squashfs is slowly moving into the mainstream kernel (at the time of this writing). BackTrack 4 uses squashfs-tools version 4.0 (which is not backward compatible with previous versions) and the inbuilt squashfs kernel module, which is present in 2.6.29.4. AUFS is used as the unification filesystem (aufs2.x). Several wireless driver injection/optimization patches have been applied to the kernel, as well as a bootsplash patch. These patches can be found in the kernel sources package (/usr/src/linux/patches).
These changes mean that much of what you were used to has changed in terms of boot cheatcodes and such, as this kernel shift also means we no longer use the livelinux scripts to create our images (we use casper now).
FEATURES:
BackTrack focuses its central idea on the needs of penetration testers. The inclusion of Live CD and Live USB functionality enables any user to just insert their respective data medium and boot up BackTrack.
Direct hard disk installation (2.7 GB uncompressed) can also be completed from within the Live DVD (1.5 GB compressed) environment using the basic graphical installation wizard, with no restart required after installation. BackTrack further continues its commitment to accessibility and internationalization by including support for Japanese input, reading and writing in hiragana, katakana and kanji.
THE KEY ADDITIONS TO THE BACKTRACK SUITE are notably
1) Metasploit integration
2) RFMON injection-capable wireless drivers
3) Kismet
4) AutoScan-Network (a network discovery and management application)
5) Nmap
6) Ettercap
7) Wireshark (formerly known as Ethereal)
8) BeEF (Browser Exploitation Framework)
BackTrack’s functionality further increases with the arrangement of each tool into 11 categories. The tool categories are as follows.
1) Information Gathering
2) Network Mapping
3) Vulnerability Identification
4) Web Application Analysis
5) Radio Network Analysis (802.11, Bluetooth, RFID)
6) Penetration (Exploit & Social Engineering Toolkit)
7) Privilege Escalation
8) Maintaining Access
9) Digital Forensics
10) Reverse Engineering
11) Voice over IP
In relation to basic software packages, BackTrack includes some ordinary desktop programs such as Mozilla Firefox, Pidgin, K3b and XMMS.
UPDATING BACKTRACK
Keeping BackTrack up to date is relatively simple using the apt-get commands.
apt-get update : synchronizes your package list with the BackTrack repository; it installs nothing by itself.
apt-get upgrade : downloads and installs newer versions of the packages already on the system, without adding or removing any package.
apt-get dist-upgrade : like upgrade, but also installs new dependencies and removes packages that conflict with the new versions, which is what a BackTrack release update (for example R1 to R2) needs.
Meta Packages
A nice feature that arises from the tool categorization is that we can now support “BackTrack meta packages”. A meta package is a dummy package which contains no files of its own but depends on several other packages, so installing it installs all of them. For example, the meta package “backtrack-web” would include all the web application penetration testing tools BackTrack has to offer.
Meta Meta Packages
There are two “meta meta packages”: backtrack-world and backtrack-desktop. backtrack-world contains all the BackTrack meta packages, while backtrack-desktop contains backtrack-world, backtrack-networking and backtrack-multimedia. The latter two meta packages are select applications imported from the Ubuntu repositories.
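As an added illustration (not BackTrack's own packaging), this is what such a dummy package looks like when built with the equivs tool that ships in Ubuntu: a control file that owns no files and whose Depends line does all the work. The package name bt-web-example, the maintainer address and the dependency list are assumptions chosen for the example; the real backtrack-web meta package may depend on differently named packages.

```debian-control
### Added example, not the BackTrack project's control file.
### Package name, maintainer and dependency names are illustrative.
Section: misc
Priority: optional
Standards-Version: 3.9.2

Package: bt-web-example
Version: 1.0
Maintainer: Example Maintainer <pentest@example.invalid>
Architecture: all
Depends: nikto, w3af, burpsuite, sqlmap, wfuzz, dirbuster
Description: Meta package for web application testing tools
 Dummy package that ships no files. Installing it pulls in every
 package listed in Depends, and apt-get upgrade / dist-upgrade
 keeps the whole set current as long as this package stays installed.
```

Build it with `equivs-build control` and install the resulting .deb with `dpkg -i`; `apt-get -f install` then resolves the dependencies it declares. Two practical points: `apt-cache depends backtrack-web` shows what the real meta package pulls in, and because a meta package depends on its tools rather than owning them, removing any one of those tools also removes the meta package, after which a later dist-upgrade no longer tracks that set.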
Working with BackTrack
BackTrack 4 contains an “imposed” KDE3 repository, alongside the KDE4 Ubuntu Intrepid repositories.
Updating tools manually
Our BackTrack repositories will always strive to keep updated with the latest versions of tools, with the exception of a select few. These “special” tools get updated by their authors very frequently, and often include significant updates. We felt that creating static binaries for these types of tools would not be beneficial, and users were better off keeping these tools synced with their respective SVN versions. These tools include MSF, W3AF, Nikto, etc.
Installation
BackTrack comes as a live CD, so to run it you simply need to insert it in the CD drive and boot the system. At the prompt, log on as root with the password toor before going on to set up the GUI with xconf. This default root password is the same on every BackTrack release and is public knowledge, so change it with passwd before you start any network-facing service such as SSH or VNC. After you have completed the setup, simply type startx to launch the GUI. If an error occurs, try gui as a workaround for launching the graphical interface. If you need to, you can type dhcpcd to ask the DHCP server for an IP address; BackTrack does not do this automatically (on the Ubuntu-based BackTrack 4, /etc/init.d/networking start or dhclient does the same job). BackTrack’s KDE-based menu system provides access to dozens of security tools and other forensic-analysis applications (see Figure 1). Browsing the BackTrack menu is a little like browsing the many menus and submenus of a games distribution; only, instead of a bunch of games, the GUI is stocked with sniffers, spoofers, scanners, and other utilities to assist you with security testing.
Creating your own Live CD – Method 1
Creating your own flavor of BackTrack is easy.
1. Download and install the bare-bones version of BackTrack.
2. Use apt-get to install the required packages or meta packages.
3. Use remastersys to repackage your installation.
Creating your own Live CD – Method 2
Download the BackTrack 4 ISO. Use the customization script to update and modify your build as shown here: http://www.offensive-security.com/blog/backtrack/customising-backtrack-live-cd-the-easy-way/
Installing BackTrack to USB
The easiest method of getting BackTrack 4 installed to a USB key is by using the unetbootin utility (present in BackTrack in /opt/).
Installing BackTrack to a hard drive (using Ubiquity)
Boot from the BackTrack DVD and choose “Start BackTrack in Text Mode”. BackTrack will boot and will automatically end up at a root prompt.
1. Launch the GUI by running ‘startx’.
2. Open a Konsole and run ‘ubiquity’.
3. At the “Language crashed” dialog, choose “Continue anyway”.
4. Set the timezone and choose the keyboard layout.
5. Let BackTrack partition the disk (‘Use entire disk’).
6. Enter the new user account information. (Pick a strong password, as this will be the user account used to log on to BackTrack.)
7. Review the installation summary and press “Install” to start the installation.
8. Reboot when the installation has completed.
9. Log in with the newly created user.
10. Change the password for root (sudo passwd root).
Lots of great stuff
Like most Linux distros - and definitely all forensics/security-oriented tools, BackTrack works primarily as a live CD, with good hardware detection and low memory footprint, intended to make it usable even on older machines. It is also possible to install BackTrack, should one desire.
The boot menu is simple and elegant, with three options.
The second option (Console no FB) stands for Console no Framebuffers, i.e. the failsafe mode with minimal graphics that should work well on all hardware. Thanks k finity! As to the third option, MSRAMDUMP, I did try booting it, but this produced an error and threw me back into the boot menu.
The distro maintains its elegance by booting into the best-looking console I have seen, with stylish color gradients and mirror effects. You can begin working instantly on the command-line or boot into GUI desktop by issuing startx command.
Desktop
The desktop is simple and functional, running a lightweight KDE3 manager. You get a simple wallpaper with dragon-like theme. Another interesting element is the Run box embedded in the panel, which allows you to run applications without invoking a terminal first.
The network is not enabled by default and you'll have to fire it up manually.
Tools
BackTrack is all about lots and lots of hacking tools. Once again, I'm only going to present the tools, not show you how to use them. These tools are all double-edged swords, and without the right amount of respect, skill and integrity, you may cause more harm than good. Furthermore, do not deploy them in a production environment without the explicit approval from system administrators and INFOSEC people.
The tools can all be found under Backtrack in the menu, arranged into sub-categories. The collection is long and rich, and it will take you a long time to pore over all of them, let alone master them. Most of the tools are command-line utilities, with each menu item opening a console with the relevant tool running inside it.
Backtrack 4 R2 Tools:
Go to Kmenu->Backtrack
1. Information Gathering
  Archive
    o Metagoofil
    o SEAT
  DNS
    o DNS-Walk
    o DNSTracer
    o Dns Enum
    o Dnsmap
    o Dnsmap-bulk
    o Dnsrecon
    o Fierce
    o Lbd
  Route
    o 0trace
    o Dmitry
    o Itrace
    o Lanmap
    o Netenum
    o Protos
    o TCPtraceroute
    o Tctrace
  Searchengine
    o Googmail
    o Goohost
    o Goorecon
    o Gooscan
    o MetaGoofil
    o SEAT
    o TheHarvester
    o WhatWeb
  Dradis Client
  Dradis Server
  Paterva Maltego CE
2. Network Mapping
  Identify Live Hosts
    o 0trace
    o 5nmp
    o Angry IPScan
    o Arping
    o Autoscan
    o Fping
    o Genlist
    o Hping2
    o Hping3
    o Lanmap
    o Lanmap2
    o Nbtscan
    o Netifera
    o Nmap
    o Nsat
    o Onesixtyone
    o OutputPBNJ
    o SCTPscan
    o SSLscan
    o ScanPBNJ
    o TCPtraceroute
    o Unicornscan
    o Zenmap
  OS-Fingerprinting
    o 5nmp
    o Autoscan
    o Lanmap2
    o Nmap
    o Nsat
    o Onesixtyone
    o P0f
    o Protos
    o SSLscan
    o Unicornscan
    o XProbe2
    o Zenmap
  Portscanning
    o Angry IPScan
    o Autoscan
    o Genlist
    o Netifera
    o Nmap
    o Nsat
    o OutputPBNJ
    o Propecia
    o SCTPscan
    o ScanPBNJ
    o Unicornscan
    o Zenmap
  Service Fingerprinting
    o Amap
    o Dmitry
    o Httprint
    o Httprint_GUI
    o Httsquash
    o LetDown
    o ReverseRaider
  VPN
    o Ike-scan
    o PSK-Crack
3. Vulnerability Identification
  Cisco
    o Cisco Auditing Tool
    o Cisco Global Exploiter
    o Cisco OCS Mass Scanner
    o Cisco Passwd Scanner
    o Copy Router Config
    o Merge Router Config
  Fuzzers
    o Bed
    o Bf3
    o Bunny
    o Dkftpbench
    o Fuzzgrind
    o Fuzzgrind GUI
    o JBroFuzz
    o JBroFuzz-Encoder
    o Peach
    o Spike
    o Voiper
    o WsFuzzer
    o ZZuf
  OpenVas
    o OpenVas Add User
    o OpenVas Cli
    o OpenVas Client
    o OpenVas Make Cert
    o OpenVas NVT Sync
    o Start OpenVas Administrator
    o Start OpenVas Manager
    o Start OpenVas Scanner
    o Stop OpenVas Administrator
    o Stop OpenVas Manager
    o Stop OpenVas Scanner
  SMB Analysis
    o Impacket samrdump
    o Impacket smbclient
    o SMBclient
    o Smb4K
  SNMP Analysis
    o ADMSnmp
    o Braa
    o SNMP Walk
    o SNMPcheck
    o Snmp Enum
4. Web Application Analysis
  Database (backend)
    o MSSQL
        DBPwAudit
        MSSQLScan
        Metacoretex
        Pblind
        SA Exploiter
        SQL Ninja
        SQLMap
        SQLbrute
        SQLix
    o MYSQL
        DBPwAudit
        Metacoretex
        Mysqlaudit
        Pblind
        SQLCheck
        SQLData
        SQLMap
        SQLix
        Sqlsus
        UDF
    o Oracle
        DBPwAudit
        Metacoretex
        Opquery
        Opwg
        Oscanner
        Ose
        Otnsctl
        Pblind
        SQLMap
        SQLbrute
        SQLix
        THC-OracleCracker
  Web (frontend)
    o ASP-Audit
    o Burpsuite
    o Burpsuite Msf
    o CSRFTester
    o Curl
    o DFF Scanner
    o DharmaEncoder
    o DirBuster
    o Fimap
    o Flare
    o Flasm
    o Grabber
    o Grendel Scan
    o HCraft
    o Httprint
    o Httprint_GUI
    o Jmeter
    o JoomScan
    o Lbd
    o List-Urls
    o Lynx
    o Mini Mysqlat0r
    o Nikto2
    o OpenAcunetix
    o Paros Proxy
    o Powerfuzzer
    o Ratproxy
    o SWFintruder
    o Skipfish
    o SoapUI
    o W3AF (Console)
    o W3AF (GUI)
    o WBox
    o WMAT
    o Wafw00f
    o Wapiti
    o Web Security
    o Webscarab Lite
    o Webshag CLI
    o Webshag GUI
    o Wfuzz
    o Xsss
5. Radio Network Analysis
  80211
    o Cracking
        ASLEAP
        AirSnarf
        AirSnort
        Airbase-ng
        Aircrack-ng
        Airdecap-ng
        Airdecloak-ng
        Airdriver-ng
        Airdrop-ng
        Aireplay-ng
        Airmon-ng
        Airodump-ng
        Airodump-ng-oui-update
        Airolib-ng
        Airoscript
        Airpwn-ng
        Airserv-ng
        Airtun-ng
        Buddy-ng
        Cowpatty
        Decrypt
        Easside-ng
        Gencases
        Genpmk
        Gerix-Wifi-Cracker-NG
        GrimWepa
        Ivstools
        Kismet
        Kstats
        MDK3
        Orino-Hopper
        Packetforge-ng
        Pyrit
        Tkiptun-ng
        WEPCrack
        WEPCrack IVgen
        WEPCrack getIV
        WepBuster
        Wep_keygen
        Wesside-ng
        WifiZoo
    o Misc
        APHooper
        AirFlood
        Airgraph-ng
        Airgraph-ng dump join
        Airopdate
        Baffle
        Baffle GUI
        GISKismet
        GPSmap-expedia
        Kisgearth
        Kmsapng
        MacChanger
        Mitmap
        PCapDump
        SSIDSniff
        Schnappi-dhcp
        Wavemon
        Wispy GTK
        Xgps
        Zulu
    o Spoofing
        AirSnarf
        Airbase-ng
        Aircrack-ng
        Airdecap-ng
        Airdecloak-ng
        Airdriver-ng
        Airdrop-ng
        Aireplay-ng
        Airmon-ng
        Airodump-ng
        Airodump-ng-oui-update
        Airolib-ng
        Airpwn-ng
        Airserv-ng
        Airtun-ng
        Buddy-ng
        Easside-ng
        FakeAP
        Gerix-Wifi-Cracker-NG
        Ivstools
        Kstats
        Packetforge-ng
        Tkiptun-ng
        Wep_keygen
        Wesside-ng
        WifiZoo
        Wifitap
        Wifitap-Arp
        Wifitap-DNS
        Wifitap-Ping
  Bluetooth
    o BCCMD
    o BSS
    o BTAddr
    o BTAudit psm
    o BTAudit rfcomm
    o BTPinCrack
    o BlueMaho
    o BlueScan
    o Bluesnarfer
    o BlueSquirrel
    o BlueSquirrel-Pico
    o Braces
    o CW-Tools
    o CarWhisperer
    o Frontline
    o Ghettotooth
    o GreenPlaque
    o HID-Attack
    o ObexStress
    o Packet Replay
    o TBSearch
    o TBear
    o Tanya
    o BlueSmash
    o Bluebugger
    o Blueprint
    o Btscanner
    o HCIDump
    o Minicom
    o ObexFTP
    o Redfang
    o Ussp-Push
  RFID
    o RFIDIOt ACG
        Brute Force Hitag2
        Bruteforce MIFARE
        Bruteforce mifare
        Calculate JCOP MIFARE Keys
        Continuous Select TAG
        Copy ISO15693 TAG
        Epassport READ WRITE CLONE
        Format MIFARE 1k Value Blocks
        Identify HF TAG Type
        Identify LF TAG Type
        JCOP Info
        JCOP MIFARE READ WRITE
        JCOP Set ATR Historical Bytes
        READ WRITE CLONE Unique (EM4x02)
        Read ACG Reader EEPROM
        Read LF TAG
        Read MIFARE
        Read TAG
        Reset Q5 TAG
        Select TAG
        Set FDX-B ID
        Test ACG LAHF
    o RFIDIOt Frosch
        READ WRITE CLONE Unique (EM4x02)
        Reset Hitag2 TAG
        Set FDX-B ID
        Test Frosch Reader
    o RFIDIOt PCSC
        Identify HF TAG Type
        Bruteforce MIFARE
        Calculate JCOP MIFARE Keys
        Chip & PIN info
        Continuous Select TAG
        EPassport READ/WRITE/CLONE
        Install ATR Historical Byte applet to JCOP
        Install Mifare applet to JCOP
        Install vonjeek ePassport emulator to JCOP
        Install vonjeek ePassport emulator to Nokia
        JCOP Info
        JCOP MIFARE READ/WRITE
        JCOP Set ATR Historical Bytes
        Read MIFARE
        Read TAG
        Select TAG
6. Penetration
  ExploitDB
    o Online Resources
        www.exploit-db.com
    o Update Exploitdb
  Fast Track
    o Fast-Track Interactive
    o Fast-Track WebGUI
    o Fast-Track Command Line
  Inguma
    o Inguma
    o Ingumagui
  Metasploit Exploitation Framework
    o Framework Version 2
        Framework2-MsfCli
        Framework2-MsfConsole
        Framework2-MsfUpdate
        Framework2-Msfweb
    o Framework Version 3
        MsfUpdate
        MsfConsole
        Msfgui
  Social Engineering Toolkit
    o Social Engineering Toolkit
    o S.E.T-Web
    o S.E.T-Automation
    o S.E.T-Update
  Sapyto
7. Privilege Escalation
  Password Attacks
    o Offline Attacks
        Rainbowcrack
          RTDump
          RTGen
          RTSort
          Rainbowcrack
        Bkhive
        CUPP
        CeWL
        Crunch
        Hashcat
        John
        Oclhashcat
        Ophcrack
        Ophcrack GUI
        Pw-inspector
        Pyrit
        RTDump
        RTGen
        RTSort
        Rainbowcrack
        Rarcrack
        Saltymd5
        Samdump2
        Whd
    o Online Attacks
        BruteSSH
        DNSBruteforce
        Hydra
        Lodowep
        Medusa
        NCrack
        RWW-Attack
        SSHater
        TFTP-bruteforce
        VNCrack
        XHydra
    o Chntpw
  Sniffers
    o Arpalert
    o DSniff
    o Driftnet
    o Etherape
    o Ettercap
    o Ettercap-GTK
    o Ferret
    o Hamster
    o Ntop
    o SMBRelay3
    o SSLDump
    o SSLStrip
    o TcPick
    o Tshark
    o Wireshark
    o XPlico
    o Xspy
    o Xwatchwin
  Spoofing
    o ADM-dns-tools
    o Etherape
    o Ettercap
    o Ettercap-GTK
    o ICMP Redirect
    o IRDP Responder
    o ISP Igrp route injection
    o Inundator
    o Middler
    o Nemesis
    o NetSed
    o Netenum
    o PackETH
    o Packit
    o SSLDump
    o SSLStrip
    o Scapy
    o Sing
    o TCPreplay
    o THC-IPv6
8. Maintaining Access
  Backdoors and Rootkits
    o Web Backdoors Compilation
  Tunneling
    o 3proxy
    o Cryptcat
    o DNS2tcp
    o Miredo
    o Miredo-server
    o Nstx
    o ProxyTunnel
    o Proxychains
    o Proxyresolv
    o Ptunnel
    o Sbd
    o Socat
    o Stunnel4
    o TinyProxy
    o UDPtunnel
9. Digital Forensics
  Anti Forensics
    o Scrub
    o Wipe
  File Carving
    o Foremost
    o Magicrescue
  Forensic Analysis
    o Allin1
    o Autopsy
    o ExifTool
    o Fatback
    o MboxGrep
    o Memdump
    o PhotoRec
    o Scalpel
    o TestDisk
    o TrID
    o Unhide-Linux26
    o Unhide-Posix
    o Unhide-TCP
    o Vinetto
    o Volatility
    o XPlico
  Image Acquiring
    o AIR Imager
    o Afcat
    o Afcompare
    o Afconvert
    o Affix
    o Afinfo
    o Afstats
    o Afxml
    o Aimage
    o Chkrootkit
    o Clamscan
    o DCFLDD
    o DD_rescue
    o Galleta
10. Reverse Engineering
  Evan's Debugger
  GDB GNU Debugger
  IDA Pro Free
  OllyDbg
11. Voice Over IP
  VoIP Analysis
    o Signalling
        Ace
        Add_registrations
        EnumIAX
        Erase_Registrations
        IWar
        Iaxflood
        Inviteflood
        Ohrwurm
        PCAPsipdump
        Protos-Sip
        RTP Flood
        RTP InsertSound
        RTP MixSound
        RTPInject
        RTPbreak
        RedirectPoison
        SIPP
        SIPSak
        SIPcrack
        SIPdump
        SIPvicious
        Sip-scan
        Sip_rouge
        Smap
        Teardown
        UCSniff
        Vnak
        Voiper
        Voiphopper
        Voipong
        Vomit
        Warvox
12. Miscellaneous
  Dkftpbench
  Dragon
  IPcalc
  Icommander
  Icommander-client
  Kmsapng
  Leo
  MacChanger
  Mitmap
  NetActView
  NetSed
  Packet-o-matic
  Schnappi-dhcp
  SendEmail
  Tpcat
  USBview
  Utilman
  ValGrind
  Wavemon
  Wgetpaste
Apart from all these tools, BackTrack 4 R2 contains some important services, all of which are stopped by default and must be started explicitly (change the default root password before exposing SSH or VNC):
  BEEF
  GPSD
  HTTPD
  Mysql
  NETWORK
  PCSCD
  SNORT
  SSH
  TFTPD
  VNC